Buscar
  • juanjomartinez56

Is your Microsoft server compromised?

I am nervous as I read the note from Cybersecurity and Infrastructure Security Agency, CISA, that at least thirty thousand organizations have been hacked via Microsoft's email software vulnerabilities. I am a user of Exchange for my work, as you probably are too. ūüėĒ


The attackers are a Chinese state-sponsored group called Hafnium, which focuses on stealing emails from victims' organizations. ūüď≠


They exploit at least four newly discovered vulnerabilities in Microsoft Exchange Servers and install a "web shell" hacking tool on the server's victims, giving them administrative access. ūüí£


Microsoft has identified the attack and has issued updates, including patches to address the issue. They have also released a script on Git-Hub,

Test-ProxyLogon.ps1 that you can use to check if your servers are compromised. ūüĒé


Find the link to Git-Hub in the comments below. ‚¨áÔłŹ


Looking at how much focus attackers are putting on Microsoft products, are you considering additional solutions to reinforce your Microsoft assets' security? ūüßĮ


Links: Charlie Osborne's article: https://www.zdnet.com/article/check-to-see-if-youre-vulnerable-to-microsoft-exchange-server-zero-days-using-this-tool/

Link to Git-Hub that you can use to check if your exchange servers are compromised:

https://github.com/microsoft/CSS-Exchange/tree/main/Security


0 vistas0 comentarios

Entradas Recientes

Ver todo